npm - oauth4webapi - Versions diffs - 2.0.2 → 2.0.3 - Mend

oauth4webapi 2.0.2 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -39,7 +39,7 @@ import * as oauth2 from 'oauth4webapi'
 **`example`** Deno import
 ```js
-import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.0.2/mod.ts'
+import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.0.3/mod.ts'
 ```
 - Authorization Code Flow - OpenID Connect [source](examples/code.ts), or plain OAuth 2 [source](examples/oauth.ts)

package/build/index.d.ts CHANGED Viewed

@@ -1,9 +1,9 @@
-type JsonObject = {
+declare type JsonObject = {
     [Key in string]?: JsonValue;
 };
-type JsonArray = JsonValue[];
-type JsonPrimitive = string | number | boolean | null;
-type JsonValue = JsonPrimitive | JsonObject | JsonArray;
+declare type JsonArray = JsonValue[];
+declare type JsonPrimitive = string | number | boolean | null;
+declare type JsonValue = JsonPrimitive | JsonObject | JsonArray;
 /**
  * Interface to pass an asymmetric private key and, optionally, its associated JWK Key ID to be
  * added as a `kid` JOSE Header Parameter.
@@ -41,7 +41,7 @@ export interface PrivateKey {
  * @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication)
  * @see [OAuth Token Endpoint Authentication Methods](https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#token-endpoint-auth-method)
  */
-export type ClientAuthenticationMethod = 'client_secret_basic' | 'client_secret_post' | 'private_key_jwt' | 'none';
+export declare type ClientAuthenticationMethod = 'client_secret_basic' | 'client_secret_post' | 'private_key_jwt' | 'none';
 /**
  * Supported JWS `alg` Algorithm identifiers.
  *
@@ -84,7 +84,7 @@ export type ClientAuthenticationMethod = 'client_secret_basic' | 'client_secret_
  * }
  * ```
  */
-export type JWSAlgorithm = 'PS256' | 'ES256' | 'RS256' | 'EdDSA';
+export declare type JWSAlgorithm = 'PS256' | 'ES256' | 'RS256' | 'EdDSA';
 /**
  * Authorization Server Metadata
  *
@@ -1014,7 +1014,7 @@ declare class CallbackParameters extends URLSearchParams {
  * @see [RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification](https://www.rfc-editor.org/rfc/rfc9207.html)
  */
 export declare function validateAuthResponse(as: AuthorizationServer, client: Client, parameters: URLSearchParams | URL, expectedState?: string | typeof expectNoState | typeof skipStateCheck): CallbackParameters | OAuth2Error;
-type ReturnTypes = TokenEndpointResponse | OAuth2TokenEndpointResponse | OpenIDTokenEndpointResponse | ClientCredentialsGrantResponse | DeviceAuthorizationResponse | IntrospectionResponse | OAuth2Error | PushedAuthorizationResponse | URLSearchParams | UserInfoResponse;
+declare type ReturnTypes = TokenEndpointResponse | OAuth2TokenEndpointResponse | OpenIDTokenEndpointResponse | ClientCredentialsGrantResponse | DeviceAuthorizationResponse | IntrospectionResponse | OAuth2Error | PushedAuthorizationResponse | URLSearchParams | UserInfoResponse;
 export interface DeviceAuthorizationRequestOptions extends HttpRequestOptions, AuthenticatedRequestOptions {
 }
 /**

package/build/index.js CHANGED Viewed

@@ -1,7 +1,7 @@
 let USER_AGENT;
 if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {
     const NAME = 'oauth4webapi';
-    const VERSION = 'v2.0.1';
+    const VERSION = 'v2.0.3';
     USER_AGENT = `${NAME}/${VERSION}`;
 }
 const encoder = new TextEncoder();
@@ -114,10 +114,6 @@ function isPublicKey(key) {
     return isCryptoKey(key) && key.type === 'public';
 }
 const SUPPORTED_JWS_ALGS = ['PS256', 'ES256', 'RS256', 'EdDSA'];
-function preserveBodyStream(response) {
-    assertReadableResponse(response);
-    return response.clone();
-}
 function processDpopNonce(response) {
     const url = new URL(response.url);
     if (response.headers.has('dpop-nonce')) {
@@ -205,9 +201,10 @@ export async function processDiscoveryResponse(expectedIssuerIdentifier, respons
     if (response.status !== 200) {
         throw new OPE('"response" is not a conform Authorization Server Metadata response');
     }
+    assertReadableResponse(response);
     let json;
     try {
-        json = await preserveBodyStream(response).json();
+        json = await response.json();
     }
     catch {
         throw new OPE('failed to parse "response" body as JSON');
@@ -590,9 +587,10 @@ export async function processPushedAuthorizationResponse(as, client, response) {
         }
         throw new OPE('"response" is not a conform Pushed Authorization Request Endpoint response');
     }
+    assertReadableResponse(response);
     let json;
     try {
-        json = await preserveBodyStream(response).json();
+        json = await response.json();
     }
     catch {
         throw new OPE('failed to parse "response" body as JSON');
@@ -743,7 +741,8 @@ export async function processUserInfoResponse(as, client, expectedSubject, respo
     }
     let json;
     if (getContentType(response) === 'application/jwt') {
-        const { claims } = await validateJwt(await preserveBodyStream(response).text(), checkSigningAlgorithm.bind(undefined, client.userinfo_signed_response_alg, as.userinfo_signing_alg_values_supported), noSignatureCheck)
+        assertReadableResponse(response);
+        const { claims } = await validateJwt(await response.text(), checkSigningAlgorithm.bind(undefined, client.userinfo_signed_response_alg, as.userinfo_signing_alg_values_supported), noSignatureCheck)
             .then(validateOptionalAudience.bind(undefined, client.client_id))
             .then(validateOptionalIssuer.bind(undefined, as.issuer));
         json = claims;
@@ -752,8 +751,9 @@ export async function processUserInfoResponse(as, client, expectedSubject, respo
         if (client.userinfo_signed_response_alg) {
             throw new OPE('JWT UserInfo Response expected');
         }
+        assertReadableResponse(response);
         try {
-            json = await preserveBodyStream(response).json();
+            json = await response.json();
         }
         catch {
             throw new OPE('failed to parse "response" body as JSON');
@@ -832,9 +832,10 @@ async function processGenericAccessTokenResponse(as, client, response, ignoreIdT
         }
         throw new OPE('"response" is not a conform Token Endpoint response');
     }
+    assertReadableResponse(response);
     let json;
     try {
-        json = await preserveBodyStream(response).json();
+        json = await response.json();
     }
     catch {
         throw new OPE('failed to parse "response" body as JSON');
@@ -1100,7 +1101,8 @@ export async function processIntrospectionResponse(as, client, response) {
     }
     let json;
     if (getContentType(response) === 'application/token-introspection+jwt') {
-        const { claims } = await validateJwt(await preserveBodyStream(response).text(), checkSigningAlgorithm.bind(undefined, client.introspection_signed_response_alg, as.introspection_signing_alg_values_supported), noSignatureCheck)
+        assertReadableResponse(response);
+        const { claims } = await validateJwt(await response.text(), checkSigningAlgorithm.bind(undefined, client.introspection_signed_response_alg, as.introspection_signing_alg_values_supported), noSignatureCheck)
             .then(checkJwtType.bind(undefined, 'token-introspection+jwt'))
             .then(validatePresence.bind(undefined, ['aud', 'iat', 'iss']))
             .then(validateIssuer.bind(undefined, as.issuer))
@@ -1111,8 +1113,9 @@ export async function processIntrospectionResponse(as, client, response) {
         }
     }
     else {
+        assertReadableResponse(response);
         try {
-            json = await preserveBodyStream(response).json();
+            json = await response.json();
         }
         catch {
             throw new OPE('failed to parse "response" body as JSON');
@@ -1149,9 +1152,10 @@ async function processJwksResponse(response) {
     if (response.status !== 200) {
         throw new OPE('"response" is not a conform JSON Web Key Set response');
     }
+    assertReadableResponse(response);
     let json;
     try {
-        json = await preserveBodyStream(response).json();
+        json = await response.json();
     }
     catch {
         throw new OPE('failed to parse "response" body as JSON');
@@ -1169,8 +1173,9 @@ async function processJwksResponse(response) {
 }
 async function handleOAuthBodyError(response) {
     if (response.status > 399 && response.status < 500) {
+        assertReadableResponse(response);
         try {
-            const json = await preserveBodyStream(response).json();
+            const json = await response.json();
             if (isJsonObject(json) && typeof json.error === 'string' && json.error.length) {
                 if (json.error_description !== undefined && typeof json.error_description !== 'string') {
                     delete json.error_description;
@@ -1458,9 +1463,10 @@ export async function processDeviceAuthorizationResponse(as, client, response) {
         }
         throw new OPE('"response" is not a conform Device Authorization Endpoint response');
     }
+    assertReadableResponse(response);
     let json;
     try {
-        json = await preserveBodyStream(response).json();
+        json = await response.json();
     }
     catch {
         throw new OPE('failed to parse "response" body as JSON');

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "oauth4webapi",
-  "version": "2.0.2",
+  "version": "2.0.3",
   "description": "OAuth 2 / OpenID Connect for Web Platform API JavaScript runtimes",
   "keywords": [
     "auth",